[fix] Add Elasticsearch to containers running on Helix sensor

salt/common/tools/sbin/so-image-common

@@ -84,6 +84,7 @@ container_list() {
     TRUSTED_CONTAINERS=(
       "so-filebeat"
       "so-idstools"
+      "so-elasticsearch"
       "so-logstash"
       "so-nginx"
       "so-redis"

salt/common/tools/sbin/soup

@@ -504,11 +504,12 @@ else
   update_docker_containers "soup"
   FEATURESCHECK=$(lookup_pillar features elastic)
   if [[ "$FEATURESCHECK" == "True" ]]; then 
-    TRUSTED_CONTAINERS=( \
-      "so-elasticsearch" \
-      "so-filebeat" \
-      "so-kibana" \
-      "so-logstash" )
+    TRUSTED_CONTAINERS=(
+      "so-elasticsearch"
+      "so-filebeat"
+      "so-kibana"
+      "so-logstash" 
+    )
     update_docker_containers "features" "-features"
   fi
 fi

salt/logstash/init.sls

@@ -45,10 +45,8 @@
 {% set DOCKER_OPTIONS = salt['pillar.get']('logstash:docker_options', {}) %}
 {% set TEMPLATES = salt['pillar.get']('elasticsearch:templates', {}) %}
 
-{% if grains['role'] != 'so-helix' %}
 include:
   - elasticsearch
-{% endif %}
 
 # Create the logstash group
 logstashgroup:

salt/top.sls

@@ -61,6 +61,7 @@ base:
     - suricata
     - zeek
     - redis
+    - elasticsearch
     - logstash
     {%- if FILEBEAT %}
     - filebeat

setup/so-setup

@@ -692,7 +692,7 @@ set_redirect >> $setup_log 2>&1
 		salt-call state.apply -l info nginx >> $setup_log 2>&1
 	fi
 
-	if [[ $is_manager || $is_node || $is_import ]]; then
+	if [[ $is_manager || $is_node || $is_import || $is_helix ]]; then
 		set_progress_str 64 "$(print_salt_state_apply 'elasticsearch')"
 		salt-call state.apply -l info elasticsearch >> $setup_log 2>&1
 	fi